'; print_r($response); echo ''; } else { echo '$_REQUEST is empty'; } ?> I started to do it in java. But im stuck in checking the `signature`.: String data[] = signed_request.split("\\."); Base64 decoder = new Base64(true); byte[] decodedBytes = decoder.decode( data[1] ); String result = new String(decodedBytes); byte[] dc = decoder.decode(data[0]); String signature = new String (dc); System.out.println("signature: " + signature); JdomParser parser = new JdomParser(); JsonRootNode rootNode; try { rootNode = parser.parse(result); String algorithm = rootNode.getStringValue("algorithm"); if ( ! algorithm.equals("HMAC-SHA256")){ return INPUT; } String FBSECRET = "my_app_secret"; //what would be next? } catch (InvalidSyntaxException e) { e.printStackTrace(); } What function is equivalent of `hash_hmac` in java? `result` is now in `JSON` format. But the value of `signature` when printed will display weird characters like `���y�'��D`]���D�|~���7�`. Thanks. [1]: https://developers.facebook.com/docs/plugins/registration/
stackoverflow.com/questions/1609899/…, stackoverflow.com/questions/6312544/…, google.com/search?q=hash_hmac+in+java
